back to article Parliamentary 'puters made 30k tries to procure pr0nz last year

The Houses of Parliament's network was used to access pornographic material 30,876 times from March to October, it was revealed today. That works out at approximately five attempts to access smut per hour, with Blighty's parliamentary filtering system blocking users from viewing the content. September was the month MPs were …

Silver badge

Is that not a challenge?

The parliamentary filters bans all porn sites.

Guest network runs through the filter.

How long before someone finds one it *doesn't* block.

3
1
Silver badge

Re: Is that not a challenge?

To be honest, there's not much you can do about it anyway. No filter will ever be perfect.

But the alternative is "no internet access at all" which is then a problem for everything from visitors to contractors to just general contingency if the computers go down.

As someone who does operate a workplace wifi network, including guest access, I can also tell you - it means nothing. The system is for a school and it blocks ALL access to dodgy stuff, everything from Facebook to porn (kids definitely shouldn't be trying to get the latter, but also they shouldn't be able to just join the guest network and bypass our Facebook blocks!).

You know what flags the most? Contractor's mobile phones during the holidays (contractors are rarely allowed on-site in term-time, and certainly not allowed to use their mobiles when they do because of the basic child protection rules). They come on-site, can't get 4G, they need to send an invoice, check a spec, download a manual, access their corporate intranet, etc. So they ask to join the guest wifi, and bam... all their background stuff hits the filter and sets off alerts. It's not at all unusual for someone to instantly be blocked because of the number of alerts, the maintenance team bring them to the IT office, they show us their phone and the second we unlock it there's a browser with a dozen porn tabs in the background and significant history.

Sure, it shouldn't be there. Sure, you can't block everything. But it's also not necessarily the best thing in the world to just block all wifi access (they'll just do it via 4G anyway... at least going via the Wifi you can make them accountable for it if it's something really dodgy).

To be honest, with something like Parliament, I imagine there are a thousand reporters who "just want to submit their story" but aren't able to just connect to 4G from inside the massive stone walls, so they give them a guest wifi. And I don't imagine the average tabloid journalist is averse to having a phone full of porn.

Fact is - there's a block in place. This lets you record traffic, see trends, get alerts. This lets you detect and investigate the illegal stuff immediately (I should hope!). While providing a useful function to guests, and not being a way to "bypass" restrictions on the normal network (because then you'll just have everyone join the guest wifi to do their "classified" work).

8
0
Silver badge

Re: Is that not a challenge?

So basically Parliament are letting everman and his dog bring their own porn filled devices in to use the network? I guess that explains it.

but re "certainly not allowed to use their mobiles when they do because of the basic child protection rules)"

Are these people vetted or not? Does the same go for full time staff?

4
0
Silver badge

Re: Is that not a challenge?

Why don't they use a VPN? They're quite cheap to rent.

0
0
Silver badge

Re: Is that not a challenge?

You can't work for schools without being vetted. Even our access control guys / telephone guys / hole-diggers are required to be. The only exception is completely contracted-out staff under the strict supervision of already-vetted staff (e.g. Virgin Media cable pullers, etc.), which is why such work is often done when no children are present or someone literally has to stand with them at all times.

That doesn't mean they don't have a phone full of porn, though.

1
0
Anonymous Coward

Re: Is that not a challenge?

All member support staff and civil service staff are subject to civil service vetting, usually to an SC level, though some low grade roles only require CTC and a couple of higher roles require DV. Members are vetted privately by their own parties and are not subject to the Civil Service Charter.

0
0
Facepalm

yes, but

"The data shows requests to access websites, not visits to them"

Oh wait, these are the same idiots who suggested it would be good if there were ways to "delete things from the Internet". Amongst other such sentences which show absolutely zero understanding of how the Internet actually works.

Presumably they also thought the request was only logged if they ended up with someones titties displayed on their £1000 15" CRT monitor which a "consultant" had said was state-of-the-art.

9
1
Silver badge

Re: yes, but

It can go further.

Plod: "Mr.Terrorist, it says here quite clearly you accessed terroristheaven.com 100 times."

Mr.Terrorist: "Actually you'll find that's just a request to access the website, not an actual visit to them."

19
0
Anonymous Coward

Re: yes, but

and anyway it wasn't me logged in at the time, honest.

Love Damian G

13
0
Silver badge

Re: yes, but

Someone can send you an e-mail that includes references to pictures from $NAUGHTYPLACE. Depending on configuration choices, that's liable to make you desktop computer "visit' $NAUGHTYPLACE.

5
0
Silver badge

Re: yes, but

"The data shows requests to access websites, not visits to them"

Yes, a single pixel link to a tracker site or an ad from a porn site on the side of the file download page isn't a "visit" to that website.

1
0
Silver badge

Re: yes, but

Only if your email is set up in a totally stupid way.

You should never just automatically pull down all images in email links

I download email headers only.

If they look OK, I grab the email (but do not auto pull down any content such as a link to an image)

I do not automatically render / process inline (or "normal") attachments in email client

Obv, for most people headers only may seem a bit paranoid, but as bare minimum users should have email set to NOT auto download images & other problem content in urls

.. but when you can get in a lot of serious trouble if any iffy content appears on your work machine, then it makes sense to be paranoid and make best efforts to sanitize emails to avoid the potential contract violation hassle

1
0

hmm, this is a bit of a non-story really I think depending on what the filters class as porn, personally, I suspect advertisements are the biggest culprit for logging a 'hit', maybe some pictures on Facebook and the like where the filters deem the image to have a lot of skin colour in them trigger quite a few hits too...

4
3
Silver badge
Stop

SexyMP

Don't. Just don't.

There isn't enough mind bleach on the planet.

5
0

Re: SexyMP

I read your warning too late...

They need a 3rd option.

"I'd rather tie my d*ck to the next space-X launch rocket with piano wire!"

8
0
Silver badge

Re: SexyMP

Frankly, the description of Damian Green as a "right-hand man" was enough for me to set aside any thought of looking at the pictures...

11
0
Silver badge

It isn't all that serious

If you allow personal devices on the network then occasionally you are going to get a few hits on porn hub, all it takes is someone not closing their browsing tab.

6
0
Anonymous Coward

Total non-story, clearing distributed by someone who is intending to mislead the general public who would have no idea as to how web filtering works.

You pick your web-filtering hardware/IaaS/SaaS solution and by and large your vendor provides you with a pre-defined and routinely updated black-list. It's for you to white-list items that you don't think should be blocked. By default I tend to find the default black-lists to be overzealous as the vendor will likely want to play it safe, and if you've using a product from say ... Forecpoint (Websense) ... they'll not want to cause an international scandal since they're owned by a US defence contractor. Potentially very bad publicity indeed.

I can walk across my office on almost any day and I'll spot someone with a bonefide web page but there'll be a frame with an advert in it displaying the corporate policy defined blocked content message. No one is surfing pr0nz, but there are LOTS of so called genuine web media outlets which don't scrutinise the advertising space that they've resold, or the content agency they've used simply doesn't give a f***. Pr0nz ads are getting less common and embedded bit coin mining are becoming more prevalent. Just follow the money.

9
1
Gold badge

"but there are LOTS of so called genuine web media outlets which don't scrutinise the advertising space that they've resold"

Perhaps they should. Perhaps there should be a bit more reputational damage for sites that don't scrutinise what ends up in their advertising space. Perhaps then we'd see the ad-brokers given the damn good kicking they so richly deserve.

After all, if you can code up a Spectre attack in Javascript, ads are a pretty major security issue.

2
0
Anonymous Coward

It doesn't surprise me that they are looking at people f*cking it's what they do best.

2
0
Silver badge
Coat

It doesn't surprise me that they are looking at people f*cking it's what they do best.

I think you might have meant "...looking at f*cking up, it's what they do best"...

2
0
Silver badge

off topic

Its Parliament reShuffle day today!

A vital annual parliamentary tradition designed to shove Politicos up the ladder and make their CVs look good for all those directorships they will sit on , whilst , most crucially, making sure no one knows what the fuck they are doing because they've been in the job less than a year.

2
0
Silver badge

Re: off topic

directorships

IRTA: "Dictatorships". Which is probably more applicable for their end-state desires..

4
0
Anonymous Coward

me being in a typically well secured nhs establishment , I can just switch off the filter in the proxy settings and walk round it . Amazing eh?

0
1
Anonymous Coward

Meh pretty standard response to a weak FOI question. We get these all the time. Fishing (for once not phishing) exercises by journalists and vendors looking for a cheap easy story. Take the figures out of context, ditch the context usually provided with it and hey presto Daily Mail story.

Interpreting internet filtering reports is a bit of a black art. Over the years I've probably spent more time using them to get people off the hook than sacking them.

2
0
Silver badge

Obviously MP's shouldn't be looking at porn in their offices, but is it really the parliament authorities job to filter the traffic at all? When MP's in the chamber are exempt from laws such as libel, is it really appropriate to be filtering the internet to their office?

There are presumably legitimate ( although presumably rare ) reasons for an MP to be looking at legal but inappropriate material too.

1
0
Silver badge

An example of why an MP needs to access porn for their job?

MPs represent constituents needs, so unless there's some genuine social need for constituents to seek the Gov's help in finding "bongo-flicks", it should be blocked. I work for a financial services company and only odd request we needed to put a "hole" in the proxy filter for was for an investment manager to study some gaming sites to draw up a proposal to invest in them. Pornography, unless you're making it, staring in it or investing in it you don't need it at your place of work.

The problem with pornography is that you rely on the site owners to filter the content and judge it. Some 14 year old runaway found on Sunset Strip and offered $500 to be filmed being "probed" in all her "offices" is illegal in most countries, you watch it you're a party to child abuse. Someone finds out that you watched it on your company machines, it hits the media and next thing your company's name is mud and your investors are pulling out faster than Johnny Sins having done the deed!

2
1

Security testing

Security is important in the adult entertainment industry too, so these companies hire security testers to check the security of their websites. I've had to sit in an open plan office working on porn and other sites that would usually be inappropriate to view in the workplace at the direct instruction of my boss.

1
0
Silver badge

The only example I can think of is that owners of pornographic websites are constituents of MP's too.

I'm not sure exactly what that case would be in that situation, but it shouldn't be the parliamentary authorities place to decide whether there's a case for accessing that material or not. It's not a traditional employer / employee relationship.

0
0
Silver badge

Re: Security testing

I used to work for an adult firm.

Accessing the administration panel in a semi-emergency from a motorway service station was a nightmare due to content filtering, pre widespread 3G.

1
0
Silver badge
Coat

Re: Security testing

"...adult firm.... ...semi-emergency"

*snarf*

Sorry. I'll get my coat.

1
0
Silver badge

know better

"The figures are down on 2016, when 113,208 access were made - indicating a continuing trend of either greater care or loss of libido on the part of MPs."

Or maybe last year's 113,208 passed the word around when they found the filter, and only another 30,876 have tried this year.

1
1
Anonymous Coward

we know better

"The figures are down on 2016, when 113,208 access were made - indicating a continuing trend of either greater care or loss of libido on the part of MPs."

Or maybe last year's 113,208 passed the word around when they found the filter, and only another 30,876 have not found the proxy settings yet?

0
1
Silver badge

Re: know better

"Or maybe last year's 113,208 passed the word around when they found the filter, and only another 30,876 have tried this year."

Or maybe the filters are out of date and are not catching a load of new sites?

0
1

Re: know better

Or maybe the filters are now up to date and not blocking as many sites because some are actually not pr0nz at all?

The figures are completely meaningless and totally subjective, and only reflect the sensitivities and the accuracy of the small number of individuals employed to come up with a black-list to push out to customers devices or services. Many URLs won't have even been visited by the vendor of the filtering product or service to confirm the real nature the content - they couldn't possibly visit every site. They may also be blocking based on URL string alone. There are plenty of web-pundits that publish to the blog-o-sphere and think it highly amusing to put their content behind a risqué URL, coz they think it's clever - only for it to be blocked by most filters by default and then wonder why they don't get any hits.

1
0
Silver badge

Obviously they need some kind of monitoring system

They could keep all of parliaments internet connection records and make them public so that the people that elect these officials into office can vote out all the lazy MP's that are watching porn all day. (at least I hope that's all they are doing at work...)

0
0
Silver badge
Alert

Re: Obviously they need some kind of monitoring system

@ Crisp

" all the lazy MP's that are watching porn all day."

Just hope and pray they aren't posting porn all day.....

0
0
Silver badge

Re: Obviously they need some kind of monitoring system

A cam-MP ? Pass the mindbleach, quick.

0
0
Bronze badge

So in the end

We find out that nothing in the original story was true. Still, worth it to have a go at Conservatives wasn't it?

1
0
Silver badge

Mad World.

Watching sex = Bad

Watching on news TV bodies across the street dispersed after a bombing or kids starving in Third World = Good.

Total nonsense.

0
0
Silver badge

What really happened

" The vast majority of attempts to access them are not deliberate. The data shows requests to access websites, not visits to them."

The only thing this sentence states is that the request were not successful due to the filtering software.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018